‘Uber’s iPhone app has a secret backdoor to powerful Apple features, allowing the ride-hailing service to potentially record a user’s screen and access other personal information without their knowledge.
The existence of Uber’s access to special iPhone functions is not disclosed in any consumer-facing information included with Uber’s app, despite giving the company direct access to features so powerful that Apple almost always keeps them off limits to outside companies.
Although there is no evidence that Uber used this access to take advantage of the iPhone features, the revelation of the app’s access to privileged Apple code raises important questions for a company already under investigation for a variety of controversial business practices.
Uber told Business Insider the code was not currently being used and was essentially a vestige from an earlier version of its Apple Watch app, but it set off alarm bells among experts.
“Granting such a sensitive entitlement to a third-party is unprecedented as far as I can tell, no other app developers have been able to convince Apple to grant them entitlements they’ve needed to let their apps utilize certain privileged system functionality,” Will Strafach, a security researcher who discovered the situation, told Business Insider.’